@carlonicora/nextjs-jsonapi 1.78.0 → 1.79.0

package/dist/{chunk-NZOUEN67.mjs → chunk-MEWXQEVE.mjs}

@@ -2,7 +2,7 @@ import {
   AbstractService,
   EndpointCreator,
   Modules
-} from "./chunk-I65SSQ5Z.mjs";
+} from "./chunk-BKM5U3DE.mjs";
 import {
   setBootstrapper
 } from "./chunk-BTKJFMFL.mjs";
@@ -194,37 +194,46 @@ var RbacService = class extends AbstractService {
   static {
     __name(this, "RbacService");
   }
-  static async getFeatures() {
-    const endpoint = new EndpointCreator({ endpoint: Modules.Feature }).addAdditionalParam("fetchAll", "true");
-    return this.callApi({
-      type: Modules.Feature,
+  /**
+   * Fetch the current RBAC matrix plus each module's known BFS relationship
+   * paths (used by the permission picker as scope suggestions).
+   *
+   * Dev-only endpoint — see class header.
+   */
+  static async fetchMatrix() {
+    const endpoint = new EndpointCreator({ endpoint: Modules.RbacMatrix }).generate();
+    const model = await this.callApi({
+      type: Modules.RbacMatrix,
       method: "GET" /* GET */,
-      endpoint: endpoint.generate()
+      endpoint
     });
+    return {
+      matrix: model.matrix ?? {},
+      modulePaths: model.modulePaths ?? {}
+    };
   }
-  static async getRoles() {
-    const endpoint = new EndpointCreator({ endpoint: Modules.Role }).addAdditionalParam("fetchAll", "true");
-    return this.callApi({
-      type: Modules.Role,
-      method: "GET" /* GET */,
-      endpoint: endpoint.generate()
-    });
-  }
-  static async getPermissionMappings() {
-    const endpoint = new EndpointCreator({ endpoint: Modules.PermissionMapping });
-    return this.callApi({
-      type: Modules.PermissionMapping,
-      method: "GET" /* GET */,
-      endpoint: endpoint.generate()
-    });
-  }
-  static async getModuleRelationshipPaths() {
-    const endpoint = new EndpointCreator({ endpoint: Modules.ModulePaths });
-    return this.callApi({
-      type: Modules.ModulePaths,
-      method: "GET" /* GET */,
-      endpoint: endpoint.generate()
+  /**
+   * Persist a matrix back to the declarative `permissions.ts` file.
+   *
+   * The backend serializes the matrix to formatted TypeScript using the
+   * provided `roleNames` / `moduleNames` lookup tables (so the emitted file
+   * references `RoleId.X` / `ModuleId.X` rather than raw UUIDs) and writes
+   * it to `outputPath` (absolute, or relative to the repo root).
+   *
+   * Dev-only endpoint — see class header.
+   */
+  static async saveMatrix(args) {
+    const endpoint = new EndpointCreator({ endpoint: Modules.RbacMatrix }).generate();
+    const model = await this.callApi({
+      type: Modules.RbacMatrix,
+      method: "PUT" /* PUT */,
+      endpoint,
+      input: args
     });
+    return {
+      bytesWritten: model.bytesWritten ?? 0,
+      path: model.path ?? ""
+    };
   }
 };
 
@@ -259,4 +268,4 @@ export {
   ACTION_TYPES,
   RbacService
 };
-//# sourceMappingURL=chunk-NZOUEN67.mjs.map
+//# sourceMappingURL=chunk-MEWXQEVE.mjs.map

package/dist/{chunk-NZOUEN67.mjs.map → chunk-MEWXQEVE.mjs.map}

@@ -1 +1 @@
-{"version":3,"sources":["../src/client/config.ts","../src/i18n/config.ts","../src/login/config.ts","../src/roles/config.ts","../src/features/waitlist/config/waitlist.config.ts","../src/features/referral/config.ts","../src/features/rbac/data/RbacTypes.ts","../src/features/rbac/data/RbacService.ts"],"sourcesContent":["\"use client\";\n\nimport { ModuleWithPermissions } from \"../permissions/types\";\nimport { setBootstrapper } from \"../core/registry/bootstrapStore\";\n\n// Config storage for client-side contexts\nlet _clientConfig: {\n  apiUrl: string;\n  appUrl?: string;\n  trackablePages?: ModuleWithPermissions[];\n  bootstrapper?: () => void;\n  additionalHeaders?: Record<string, string>;\n  stripePublishableKey?: string;\n} | null = null;\n\n/**\n * Configure the JSON:API client. This is the main configuration function.\n * This is typically called during app initialization.\n */\nexport function configureJsonApi(config: {\n  apiUrl: string;\n  appUrl?: string;\n  trackablePages?: ModuleWithPermissions[];\n  bootstrapper?: () => void;\n  additionalHeaders?: Record<string, string>;\n  stripePublishableKey?: string;\n}): void {\n  _clientConfig = config;\n  // Register and call bootstrapper to register all modules\n  if (config.bootstrapper) {\n    setBootstrapper(config.bootstrapper);\n    config.bootstrapper();\n  }\n}\n\n/**\n * Configure the client config. This is typically called during app initialization.\n * @deprecated Use configureJsonApi instead\n */\nexport function configureClientConfig(config: {\n  apiUrl: string;\n  appUrl?: string;\n  trackablePages?: ModuleWithPermissions[];\n}): void {\n  _clientConfig = config;\n}\n\n/**\n * Get the configured API URL.\n */\nexport function getApiUrl(): string {\n  if (_clientConfig?.apiUrl) {\n    return _clientConfig.apiUrl;\n  }\n  if (typeof process !== \"undefined\" && process.env?.NEXT_PUBLIC_API_URL) {\n    return process.env.NEXT_PUBLIC_API_URL;\n  }\n  return \"\";\n}\n\n/**\n * Get the configured app URL.\n */\nexport function getAppUrl(): string {\n  if (_clientConfig?.appUrl) {\n    return _clientConfig.appUrl;\n  }\n  if (typeof process !== \"undefined\" && process.env?.NEXT_PUBLIC_APP_URL) {\n    return process.env.NEXT_PUBLIC_APP_URL;\n  }\n  if (typeof window !== \"undefined\") {\n    return window.location.origin;\n  }\n  return \"\";\n}\n\n/**\n * Get the configured trackable pages.\n */\nexport function getTrackablePages(): ModuleWithPermissions[] {\n  return _clientConfig?.trackablePages ?? [];\n}\n\n/**\n * Get the configured Stripe publishable key.\n */\nexport function getStripePublishableKey(): string | undefined {\n  return _clientConfig?.stripePublishableKey;\n}\n","import { ComponentType } from \"react\";\n\n// Types for injected hooks\nexport interface I18nRouter {\n  push: (href: string) => void;\n  replace: (href: string) => void;\n  back: () => void;\n  forward: () => void;\n  refresh: () => void;\n  prefetch: (href: string) => void;\n}\n\nexport type UseRouterHook = () => I18nRouter;\nexport type UseTranslationsHook = (namespace?: string) => (key: string, values?: Record<string, any>) => string;\nexport type UseLocaleHook = () => string;\n\nexport type UseDateFnsLocaleHook = () => any; // date-fns Locale type\nexport type LinkComponent = ComponentType<{ href: string; children: React.ReactNode; [key: string]: any }>;\n\nexport interface I18nConfig {\n  useRouter: UseRouterHook;\n  useTranslations: UseTranslationsHook;\n  useLocale?: UseLocaleHook;\n  useDateFnsLocale?: UseDateFnsLocaleHook;\n  Link: LinkComponent;\n  usePathname: () => string;\n}\n\n// Private storage\nlet _config: I18nConfig | null = null;\n\n// Configuration function (called by app at startup)\nexport function configureI18n(config: I18nConfig): void {\n  _config = config;\n}\n\n// Hooks for library components to use\nexport function useI18nRouter(): I18nRouter {\n  if (!_config?.useRouter) {\n    throw new Error(\"i18n not configured. Call configureI18n() at app startup.\");\n  }\n  return _config.useRouter();\n}\n\nexport function useI18nTranslations(namespace?: string): (key: string, values?: Record<string, any>) => string {\n  if (!_config?.useTranslations) {\n    // Fallback: return key as-is (safe for server/client)\n    return (key: string) => key;\n  }\n  return _config.useTranslations(namespace);\n}\n\nexport function getI18nLink(): LinkComponent {\n  if (!_config?.Link) {\n    throw new Error(\"i18n not configured. Call configureI18n() at app startup.\");\n  }\n  return _config.Link;\n}\n\nexport function useI18nLocale(): string {\n  if (_config?.useLocale) {\n    return _config.useLocale();\n  }\n  // Fallback to English (safe for server/client)\n  return \"en\";\n}\n\nexport function useI18nDateFnsLocale(): any {\n  if (_config?.useDateFnsLocale) {\n    return _config.useDateFnsLocale();\n  }\n  // Fallback to undefined (Calendar will use default)\n  return undefined;\n}\n","let _useDiscordAuth: boolean = false;\nlet _useGoogleAuth: boolean = false;\nlet _useInternalAuth: boolean = true;\nlet _allowRegistration: boolean = true;\nlet _registrationMode: \"open\" | \"closed\" | \"waitlist\" = \"open\";\n\nexport type RegistrationMode = \"open\" | \"closed\" | \"waitlist\";\n\nexport interface LoginConfig {\n  discordClientId?: string;\n  googleClientId?: string;\n  useInternalAuth?: boolean;\n  allowRegistration?: boolean;\n  registrationMode?: RegistrationMode;\n}\n\nexport function configureLogin(params: LoginConfig): void {\n  _useDiscordAuth = !!params.discordClientId;\n  _useGoogleAuth = !!params.googleClientId;\n  _useInternalAuth = params.useInternalAuth ?? true;\n  _allowRegistration = params.allowRegistration ?? true;\n  _registrationMode = params.registrationMode ?? \"open\";\n}\n\nexport function isDiscordAuthEnabled(): boolean {\n  return _useDiscordAuth;\n}\n\nexport function isGoogleAuthEnabled(): boolean {\n  return _useGoogleAuth;\n}\n\nexport function isInternalAuthEnabled(): boolean {\n  return _useInternalAuth;\n}\n\nexport function isRegistrationAllowed(): boolean {\n  return _allowRegistration;\n}\n\nexport function getRegistrationMode(): RegistrationMode {\n  return _registrationMode;\n}\n","/**\n * Role ID configuration interface\n * Apps provide their role IDs via configureRoles()\n */\nexport interface RoleIdConfig {\n  Administrator: string;\n  CompanyAdministrator: string;\n  [key: string]: string; // Allow additional roles\n}\n\n// Private storage for the injected role IDs\nlet _roleId: RoleIdConfig | null = null;\n\n/**\n * Configure role IDs for the library\n * Call this at app startup to provide role ID constants\n *\n * @example\n * ```typescript\n * import { configureRoles } from \"@carlonicora/nextjs-jsonapi\";\n * import { RoleId } from \"@phlow/shared\";\n *\n * configureRoles(RoleId);\n * ```\n */\nexport function configureRoles(roleId: RoleIdConfig): void {\n  _roleId = roleId;\n}\n\n/**\n * Get configured role IDs\n * @throws Error if roles not configured\n */\nexport function getRoleId(): RoleIdConfig {\n  if (!_roleId) {\n    throw new Error(\"Roles not configured. Call configureRoles() at app startup.\");\n  }\n  return _roleId;\n}\n\n/**\n * Check if roles have been configured\n */\nexport function isRolesConfigured(): boolean {\n  return _roleId !== null;\n}\n","export type QuestionnaireFieldType = \"text\" | \"textarea\" | \"select\" | \"checkbox\";\n\nexport interface QuestionnaireOption {\n  value: string;\n  label: string;\n  description?: string;\n}\n\nexport interface QuestionnaireField {\n  id: string;\n  type: QuestionnaireFieldType;\n  label: string;\n  description?: string;\n  placeholder?: string;\n  required?: boolean;\n  options?: QuestionnaireOption[];\n}\n\nexport interface WaitlistConfig {\n  questionnaire?: QuestionnaireField[];\n  heroTitle?: string;\n  heroSubtitle?: string;\n  heroDescription?: string;\n  benefits?: string[];\n}\n\nlet _waitlistConfig: WaitlistConfig = {};\n\nexport function configureWaitlist(config: WaitlistConfig): void {\n  _waitlistConfig = config;\n}\n\nexport function getWaitlistConfig(): WaitlistConfig {\n  return _waitlistConfig;\n}\n","/**\n * Configuration interface for frontend referral feature.\n */\nexport interface ReferralConfig {\n  /**\n   * Whether the referral feature is enabled.\n   * When false, components render nothing and hooks return null.\n   * @default false\n   */\n  enabled?: boolean;\n\n  /**\n   * Name of the cookie used to store referral codes.\n   * @default \"referral_code\"\n   */\n  cookieName?: string;\n\n  /**\n   * Number of days the referral cookie is valid.\n   * @default 30\n   */\n  cookieDays?: number;\n\n  /**\n   * Query parameter name for referral code in URL.\n   * @default \"ref\"\n   */\n  urlParamName?: string;\n\n  /**\n   * Base URL for referral links.\n   * @default window.location.origin (client-side only)\n   */\n  referralUrlBase?: string;\n\n  /**\n   * Path to append to base URL for referral links.\n   * @default \"/\"\n   */\n  referralPath?: string;\n}\n\n/**\n * Default configuration values\n */\nexport const DEFAULT_REFERRAL_CONFIG: Required<ReferralConfig> = {\n  enabled: false,\n  cookieName: \"referral_code\",\n  cookieDays: 30,\n  urlParamName: \"ref\",\n  referralUrlBase: \"\",\n  referralPath: \"/\",\n};\n\n// Private storage for configuration\nlet _referralConfig: Required<ReferralConfig> = { ...DEFAULT_REFERRAL_CONFIG };\n\n/**\n * Configure referral feature settings.\n * Call this at app startup to enable and configure referral functionality.\n *\n * @example\n * ```typescript\n * import { configureReferral } from \"@carlonicora/nextjs-jsonapi\";\n *\n * configureReferral({\n *   enabled: process.env.NEXT_PUBLIC_REFERRAL_ENABLED === 'true',\n *   cookieDays: 30,\n * });\n * ```\n */\nexport function configureReferral(config: ReferralConfig): void {\n  _referralConfig = { ...DEFAULT_REFERRAL_CONFIG, ...config };\n}\n\n/**\n * Get the current referral configuration.\n * @internal\n */\nexport function getReferralConfig(): Required<ReferralConfig> {\n  return _referralConfig;\n}\n\n/**\n * Check if referral feature is enabled.\n */\nexport function isReferralEnabled(): boolean {\n  return _referralConfig.enabled;\n}\n","export const COMPANY_ADMINISTRATOR_ROLE_ID = \"2e1eee00-6cba-4506-9059-ccd24e4ea5b0\";\n\nexport type PermissionValue = boolean | string;\n\nexport type ActionType = \"read\" | \"create\" | \"update\" | \"delete\";\n\nexport const ACTION_TYPES: ActionType[] = [\"read\", \"create\", \"update\", \"delete\"];\n\n/** The permissions object shape used by both Module and PermissionMapping entities */\nexport type PermissionsMap = {\n  create?: PermissionValue;\n  read?: PermissionValue;\n  update?: PermissionValue;\n  delete?: PermissionValue;\n};\n","import { AbstractService, EndpointCreator, HttpMethod, Modules } from \"../../../core\";\nimport { FeatureInterface } from \"../../feature\";\nimport { RoleInterface } from \"../../role\";\nimport { PermissionMappingInterface } from \"./PermissionMappingInterface\";\nimport { ModulePathsInterface } from \"./ModulePathsInterface\";\n\nexport class RbacService extends AbstractService {\n  static async getFeatures(): Promise<FeatureInterface[]> {\n    const endpoint = new EndpointCreator({ endpoint: Modules.Feature }).addAdditionalParam(\"fetchAll\", \"true\");\n\n    return this.callApi<FeatureInterface[]>({\n      type: Modules.Feature,\n      method: HttpMethod.GET,\n      endpoint: endpoint.generate(),\n    });\n  }\n\n  static async getRoles(): Promise<RoleInterface[]> {\n    const endpoint = new EndpointCreator({ endpoint: Modules.Role }).addAdditionalParam(\"fetchAll\", \"true\");\n\n    return this.callApi<RoleInterface[]>({\n      type: Modules.Role,\n      method: HttpMethod.GET,\n      endpoint: endpoint.generate(),\n    });\n  }\n\n  static async getPermissionMappings(): Promise<PermissionMappingInterface[]> {\n    const endpoint = new EndpointCreator({ endpoint: Modules.PermissionMapping });\n\n    return this.callApi<PermissionMappingInterface[]>({\n      type: Modules.PermissionMapping,\n      method: HttpMethod.GET,\n      endpoint: endpoint.generate(),\n    });\n  }\n\n  static async getModuleRelationshipPaths(): Promise<ModulePathsInterface[]> {\n    const endpoint = new EndpointCreator({ endpoint: Modules.ModulePaths });\n\n    return this.callApi<ModulePathsInterface[]>({\n      type: Modules.ModulePaths,\n      method: HttpMethod.GET,\n      endpoint: endpoint.generate(),\n    });\n  }\n}\n"],"mappings":";;;;;;;;;;;;;AAMA,IAAI,gBAOO;AAMJ,SAAS,iBAAiB,QAOxB;AACP,kBAAgB;AAEhB,MAAI,OAAO,cAAc;AACvB,oBAAgB,OAAO,YAAY;AACnC,WAAO,aAAa;AAAA,EACtB;AACF;AAdgB;AAoBT,SAAS,sBAAsB,QAI7B;AACP,kBAAgB;AAClB;AANgB;AAWT,SAAS,YAAoB;AAClC,MAAI,eAAe,QAAQ;AACzB,WAAO,cAAc;AAAA,EACvB;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,KAAK,qBAAqB;AACtE,WAAO,QAAQ,IAAI;AAAA,EACrB;AACA,SAAO;AACT;AARgB;AAaT,SAAS,YAAoB;AAClC,MAAI,eAAe,QAAQ;AACzB,WAAO,cAAc;AAAA,EACvB;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,KAAK,qBAAqB;AACtE,WAAO,QAAQ,IAAI;AAAA,EACrB;AACA,MAAI,OAAO,WAAW,aAAa;AACjC,WAAO,OAAO,SAAS;AAAA,EACzB;AACA,SAAO;AACT;AAXgB;AAgBT,SAAS,oBAA6C;AAC3D,SAAO,eAAe,kBAAkB,CAAC;AAC3C;AAFgB;AAOT,SAAS,0BAA8C;AAC5D,SAAO,eAAe;AACxB;AAFgB;;;ACzDhB,IAAI,UAA6B;AAG1B,SAAS,cAAc,QAA0B;AACtD,YAAU;AACZ;AAFgB;AAKT,SAAS,gBAA4B;AAC1C,MAAI,CAAC,SAAS,WAAW;AACvB,UAAM,IAAI,MAAM,2DAA2D;AAAA,EAC7E;AACA,SAAO,QAAQ,UAAU;AAC3B;AALgB;AAOT,SAAS,oBAAoB,WAA2E;AAC7G,MAAI,CAAC,SAAS,iBAAiB;AAE7B,WAAO,CAAC,QAAgB;AAAA,EAC1B;AACA,SAAO,QAAQ,gBAAgB,SAAS;AAC1C;AANgB;AAQT,SAAS,cAA6B;AAC3C,MAAI,CAAC,SAAS,MAAM;AAClB,UAAM,IAAI,MAAM,2DAA2D;AAAA,EAC7E;AACA,SAAO,QAAQ;AACjB;AALgB;AAOT,SAAS,gBAAwB;AACtC,MAAI,SAAS,WAAW;AACtB,WAAO,QAAQ,UAAU;AAAA,EAC3B;AAEA,SAAO;AACT;AANgB;AAQT,SAAS,uBAA4B;AAC1C,MAAI,SAAS,kBAAkB;AAC7B,WAAO,QAAQ,iBAAiB;AAAA,EAClC;AAEA,SAAO;AACT;AANgB;;;ACnEhB,IAAI,kBAA2B;AAC/B,IAAI,iBAA0B;AAC9B,IAAI,mBAA4B;AAChC,IAAI,qBAA8B;AAClC,IAAI,oBAAoD;AAYjD,SAAS,eAAe,QAA2B;AACxD,oBAAkB,CAAC,CAAC,OAAO;AAC3B,mBAAiB,CAAC,CAAC,OAAO;AAC1B,qBAAmB,OAAO,mBAAmB;AAC7C,uBAAqB,OAAO,qBAAqB;AACjD,sBAAoB,OAAO,oBAAoB;AACjD;AANgB;AAQT,SAAS,uBAAgC;AAC9C,SAAO;AACT;AAFgB;AAIT,SAAS,sBAA+B;AAC7C,SAAO;AACT;AAFgB;AAIT,SAAS,wBAAiC;AAC/C,SAAO;AACT;AAFgB;AAIT,SAAS,wBAAiC;AAC/C,SAAO;AACT;AAFgB;AAIT,SAAS,sBAAwC;AACtD,SAAO;AACT;AAFgB;;;AC7BhB,IAAI,UAA+B;AAc5B,SAAS,eAAe,QAA4B;AACzD,YAAU;AACZ;AAFgB;AAQT,SAAS,YAA0B;AACxC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,6DAA6D;AAAA,EAC/E;AACA,SAAO;AACT;AALgB;AAUT,SAAS,oBAA6B;AAC3C,SAAO,YAAY;AACrB;AAFgB;;;ACjBhB,IAAI,kBAAkC,CAAC;AAEhC,SAAS,kBAAkB,QAA8B;AAC9D,oBAAkB;AACpB;AAFgB;AAIT,SAAS,oBAAoC;AAClD,SAAO;AACT;AAFgB;;;ACaT,IAAM,0BAAoD;AAAA,EAC/D,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,YAAY;AAAA,EACZ,cAAc;AAAA,EACd,iBAAiB;AAAA,EACjB,cAAc;AAChB;AAGA,IAAI,kBAA4C,EAAE,GAAG,wBAAwB;AAgBtE,SAAS,kBAAkB,QAA8B;AAC9D,oBAAkB,EAAE,GAAG,yBAAyB,GAAG,OAAO;AAC5D;AAFgB;AAQT,SAAS,oBAA8C;AAC5D,SAAO;AACT;AAFgB;AAOT,SAAS,oBAA6B;AAC3C,SAAO,gBAAgB;AACzB;AAFgB;;;ACtFT,IAAM,gCAAgC;AAMtC,IAAM,eAA6B,CAAC,QAAQ,UAAU,UAAU,QAAQ;;;ACAxE,IAAM,cAAN,cAA0B,gBAAgB;AAAA,EANjD,OAMiD;AAAA;AAAA;AAAA,EAC/C,aAAa,cAA2C;AACtD,UAAM,WAAW,IAAI,gBAAgB,EAAE,UAAU,QAAQ,QAAQ,CAAC,EAAE,mBAAmB,YAAY,MAAM;AAEzG,WAAO,KAAK,QAA4B;AAAA,MACtC,MAAM,QAAQ;AAAA,MACd;AAAA,MACA,UAAU,SAAS,SAAS;AAAA,IAC9B,CAAC;AAAA,EACH;AAAA,EAEA,aAAa,WAAqC;AAChD,UAAM,WAAW,IAAI,gBAAgB,EAAE,UAAU,QAAQ,KAAK,CAAC,EAAE,mBAAmB,YAAY,MAAM;AAEtG,WAAO,KAAK,QAAyB;AAAA,MACnC,MAAM,QAAQ;AAAA,MACd;AAAA,MACA,UAAU,SAAS,SAAS;AAAA,IAC9B,CAAC;AAAA,EACH;AAAA,EAEA,aAAa,wBAA+D;AAC1E,UAAM,WAAW,IAAI,gBAAgB,EAAE,UAAU,QAAQ,kBAAkB,CAAC;AAE5E,WAAO,KAAK,QAAsC;AAAA,MAChD,MAAM,QAAQ;AAAA,MACd;AAAA,MACA,UAAU,SAAS,SAAS;AAAA,IAC9B,CAAC;AAAA,EACH;AAAA,EAEA,aAAa,6BAA8D;AACzE,UAAM,WAAW,IAAI,gBAAgB,EAAE,UAAU,QAAQ,YAAY,CAAC;AAEtE,WAAO,KAAK,QAAgC;AAAA,MAC1C,MAAM,QAAQ;AAAA,MACd;AAAA,MACA,UAAU,SAAS,SAAS;AAAA,IAC9B,CAAC;AAAA,EACH;AACF;","names":[]}
+{"version":3,"sources":["../src/client/config.ts","../src/i18n/config.ts","../src/login/config.ts","../src/roles/config.ts","../src/features/waitlist/config/waitlist.config.ts","../src/features/referral/config.ts","../src/features/rbac/data/RbacTypes.ts","../src/features/rbac/data/RbacService.ts"],"sourcesContent":["\"use client\";\n\nimport { ModuleWithPermissions } from \"../permissions/types\";\nimport { setBootstrapper } from \"../core/registry/bootstrapStore\";\n\n// Config storage for client-side contexts\nlet _clientConfig: {\n  apiUrl: string;\n  appUrl?: string;\n  trackablePages?: ModuleWithPermissions[];\n  bootstrapper?: () => void;\n  additionalHeaders?: Record<string, string>;\n  stripePublishableKey?: string;\n} | null = null;\n\n/**\n * Configure the JSON:API client. This is the main configuration function.\n * This is typically called during app initialization.\n */\nexport function configureJsonApi(config: {\n  apiUrl: string;\n  appUrl?: string;\n  trackablePages?: ModuleWithPermissions[];\n  bootstrapper?: () => void;\n  additionalHeaders?: Record<string, string>;\n  stripePublishableKey?: string;\n}): void {\n  _clientConfig = config;\n  // Register and call bootstrapper to register all modules\n  if (config.bootstrapper) {\n    setBootstrapper(config.bootstrapper);\n    config.bootstrapper();\n  }\n}\n\n/**\n * Configure the client config. This is typically called during app initialization.\n * @deprecated Use configureJsonApi instead\n */\nexport function configureClientConfig(config: {\n  apiUrl: string;\n  appUrl?: string;\n  trackablePages?: ModuleWithPermissions[];\n}): void {\n  _clientConfig = config;\n}\n\n/**\n * Get the configured API URL.\n */\nexport function getApiUrl(): string {\n  if (_clientConfig?.apiUrl) {\n    return _clientConfig.apiUrl;\n  }\n  if (typeof process !== \"undefined\" && process.env?.NEXT_PUBLIC_API_URL) {\n    return process.env.NEXT_PUBLIC_API_URL;\n  }\n  return \"\";\n}\n\n/**\n * Get the configured app URL.\n */\nexport function getAppUrl(): string {\n  if (_clientConfig?.appUrl) {\n    return _clientConfig.appUrl;\n  }\n  if (typeof process !== \"undefined\" && process.env?.NEXT_PUBLIC_APP_URL) {\n    return process.env.NEXT_PUBLIC_APP_URL;\n  }\n  if (typeof window !== \"undefined\") {\n    return window.location.origin;\n  }\n  return \"\";\n}\n\n/**\n * Get the configured trackable pages.\n */\nexport function getTrackablePages(): ModuleWithPermissions[] {\n  return _clientConfig?.trackablePages ?? [];\n}\n\n/**\n * Get the configured Stripe publishable key.\n */\nexport function getStripePublishableKey(): string | undefined {\n  return _clientConfig?.stripePublishableKey;\n}\n","import { ComponentType } from \"react\";\n\n// Types for injected hooks\nexport interface I18nRouter {\n  push: (href: string) => void;\n  replace: (href: string) => void;\n  back: () => void;\n  forward: () => void;\n  refresh: () => void;\n  prefetch: (href: string) => void;\n}\n\nexport type UseRouterHook = () => I18nRouter;\nexport type UseTranslationsHook = (namespace?: string) => (key: string, values?: Record<string, any>) => string;\nexport type UseLocaleHook = () => string;\n\nexport type UseDateFnsLocaleHook = () => any; // date-fns Locale type\nexport type LinkComponent = ComponentType<{ href: string; children: React.ReactNode; [key: string]: any }>;\n\nexport interface I18nConfig {\n  useRouter: UseRouterHook;\n  useTranslations: UseTranslationsHook;\n  useLocale?: UseLocaleHook;\n  useDateFnsLocale?: UseDateFnsLocaleHook;\n  Link: LinkComponent;\n  usePathname: () => string;\n}\n\n// Private storage\nlet _config: I18nConfig | null = null;\n\n// Configuration function (called by app at startup)\nexport function configureI18n(config: I18nConfig): void {\n  _config = config;\n}\n\n// Hooks for library components to use\nexport function useI18nRouter(): I18nRouter {\n  if (!_config?.useRouter) {\n    throw new Error(\"i18n not configured. Call configureI18n() at app startup.\");\n  }\n  return _config.useRouter();\n}\n\nexport function useI18nTranslations(namespace?: string): (key: string, values?: Record<string, any>) => string {\n  if (!_config?.useTranslations) {\n    // Fallback: return key as-is (safe for server/client)\n    return (key: string) => key;\n  }\n  return _config.useTranslations(namespace);\n}\n\nexport function getI18nLink(): LinkComponent {\n  if (!_config?.Link) {\n    throw new Error(\"i18n not configured. Call configureI18n() at app startup.\");\n  }\n  return _config.Link;\n}\n\nexport function useI18nLocale(): string {\n  if (_config?.useLocale) {\n    return _config.useLocale();\n  }\n  // Fallback to English (safe for server/client)\n  return \"en\";\n}\n\nexport function useI18nDateFnsLocale(): any {\n  if (_config?.useDateFnsLocale) {\n    return _config.useDateFnsLocale();\n  }\n  // Fallback to undefined (Calendar will use default)\n  return undefined;\n}\n","let _useDiscordAuth: boolean = false;\nlet _useGoogleAuth: boolean = false;\nlet _useInternalAuth: boolean = true;\nlet _allowRegistration: boolean = true;\nlet _registrationMode: \"open\" | \"closed\" | \"waitlist\" = \"open\";\n\nexport type RegistrationMode = \"open\" | \"closed\" | \"waitlist\";\n\nexport interface LoginConfig {\n  discordClientId?: string;\n  googleClientId?: string;\n  useInternalAuth?: boolean;\n  allowRegistration?: boolean;\n  registrationMode?: RegistrationMode;\n}\n\nexport function configureLogin(params: LoginConfig): void {\n  _useDiscordAuth = !!params.discordClientId;\n  _useGoogleAuth = !!params.googleClientId;\n  _useInternalAuth = params.useInternalAuth ?? true;\n  _allowRegistration = params.allowRegistration ?? true;\n  _registrationMode = params.registrationMode ?? \"open\";\n}\n\nexport function isDiscordAuthEnabled(): boolean {\n  return _useDiscordAuth;\n}\n\nexport function isGoogleAuthEnabled(): boolean {\n  return _useGoogleAuth;\n}\n\nexport function isInternalAuthEnabled(): boolean {\n  return _useInternalAuth;\n}\n\nexport function isRegistrationAllowed(): boolean {\n  return _allowRegistration;\n}\n\nexport function getRegistrationMode(): RegistrationMode {\n  return _registrationMode;\n}\n","/**\n * Role ID configuration interface\n * Apps provide their role IDs via configureRoles()\n */\nexport interface RoleIdConfig {\n  Administrator: string;\n  CompanyAdministrator: string;\n  [key: string]: string; // Allow additional roles\n}\n\n// Private storage for the injected role IDs\nlet _roleId: RoleIdConfig | null = null;\n\n/**\n * Configure role IDs for the library\n * Call this at app startup to provide role ID constants\n *\n * @example\n * ```typescript\n * import { configureRoles } from \"@carlonicora/nextjs-jsonapi\";\n * import { RoleId } from \"@phlow/shared\";\n *\n * configureRoles(RoleId);\n * ```\n */\nexport function configureRoles(roleId: RoleIdConfig): void {\n  _roleId = roleId;\n}\n\n/**\n * Get configured role IDs\n * @throws Error if roles not configured\n */\nexport function getRoleId(): RoleIdConfig {\n  if (!_roleId) {\n    throw new Error(\"Roles not configured. Call configureRoles() at app startup.\");\n  }\n  return _roleId;\n}\n\n/**\n * Check if roles have been configured\n */\nexport function isRolesConfigured(): boolean {\n  return _roleId !== null;\n}\n","export type QuestionnaireFieldType = \"text\" | \"textarea\" | \"select\" | \"checkbox\";\n\nexport interface QuestionnaireOption {\n  value: string;\n  label: string;\n  description?: string;\n}\n\nexport interface QuestionnaireField {\n  id: string;\n  type: QuestionnaireFieldType;\n  label: string;\n  description?: string;\n  placeholder?: string;\n  required?: boolean;\n  options?: QuestionnaireOption[];\n}\n\nexport interface WaitlistConfig {\n  questionnaire?: QuestionnaireField[];\n  heroTitle?: string;\n  heroSubtitle?: string;\n  heroDescription?: string;\n  benefits?: string[];\n}\n\nlet _waitlistConfig: WaitlistConfig = {};\n\nexport function configureWaitlist(config: WaitlistConfig): void {\n  _waitlistConfig = config;\n}\n\nexport function getWaitlistConfig(): WaitlistConfig {\n  return _waitlistConfig;\n}\n","/**\n * Configuration interface for frontend referral feature.\n */\nexport interface ReferralConfig {\n  /**\n   * Whether the referral feature is enabled.\n   * When false, components render nothing and hooks return null.\n   * @default false\n   */\n  enabled?: boolean;\n\n  /**\n   * Name of the cookie used to store referral codes.\n   * @default \"referral_code\"\n   */\n  cookieName?: string;\n\n  /**\n   * Number of days the referral cookie is valid.\n   * @default 30\n   */\n  cookieDays?: number;\n\n  /**\n   * Query parameter name for referral code in URL.\n   * @default \"ref\"\n   */\n  urlParamName?: string;\n\n  /**\n   * Base URL for referral links.\n   * @default window.location.origin (client-side only)\n   */\n  referralUrlBase?: string;\n\n  /**\n   * Path to append to base URL for referral links.\n   * @default \"/\"\n   */\n  referralPath?: string;\n}\n\n/**\n * Default configuration values\n */\nexport const DEFAULT_REFERRAL_CONFIG: Required<ReferralConfig> = {\n  enabled: false,\n  cookieName: \"referral_code\",\n  cookieDays: 30,\n  urlParamName: \"ref\",\n  referralUrlBase: \"\",\n  referralPath: \"/\",\n};\n\n// Private storage for configuration\nlet _referralConfig: Required<ReferralConfig> = { ...DEFAULT_REFERRAL_CONFIG };\n\n/**\n * Configure referral feature settings.\n * Call this at app startup to enable and configure referral functionality.\n *\n * @example\n * ```typescript\n * import { configureReferral } from \"@carlonicora/nextjs-jsonapi\";\n *\n * configureReferral({\n *   enabled: process.env.NEXT_PUBLIC_REFERRAL_ENABLED === 'true',\n *   cookieDays: 30,\n * });\n * ```\n */\nexport function configureReferral(config: ReferralConfig): void {\n  _referralConfig = { ...DEFAULT_REFERRAL_CONFIG, ...config };\n}\n\n/**\n * Get the current referral configuration.\n * @internal\n */\nexport function getReferralConfig(): Required<ReferralConfig> {\n  return _referralConfig;\n}\n\n/**\n * Check if referral feature is enabled.\n */\nexport function isReferralEnabled(): boolean {\n  return _referralConfig.enabled;\n}\n","export const COMPANY_ADMINISTRATOR_ROLE_ID = \"2e1eee00-6cba-4506-9059-ccd24e4ea5b0\";\n\nexport type PermissionValue = boolean | string;\n\nexport type ActionType = \"read\" | \"create\" | \"update\" | \"delete\";\n\nexport const ACTION_TYPES: ActionType[] = [\"read\", \"create\", \"update\", \"delete\"];\n\n/** The permissions object shape used by both Module and PermissionMapping entities */\nexport type PermissionsMap = {\n  create?: PermissionValue;\n  read?: PermissionValue;\n  update?: PermissionValue;\n  delete?: PermissionValue;\n};\n\n/**\n * Declarative-RBAC matrix types.\n *\n * Mirror of the library types defined in\n * `packages/nestjs-neo4jsonapi/src/foundations/rbac/dsl/types.ts`.\n * Frontend does not import from backend, so the shape is redefined here.\n *\n * A `PermToken` represents a single permission entry:\n *  - `scope: true`  → unconditional (e.g. full read of the module)\n *  - `scope: false` → nothing (rarely used, mostly a placeholder)\n *  - `scope: \"path\"` → scoped by relationship path (e.g. \"orders.account\")\n */\nexport type PermToken = { action: string; scope: boolean | string };\n\n/**\n * A per-module block of the matrix. Always has a `default` row (permissions\n * granted to every role). Additional keys are role IDs → role-specific\n * permission tokens that are unioned with `default` to produce the effective\n * permissions for that role in that module.\n */\nexport type RbacModuleBlock = { default: PermToken[] } & Record<string, PermToken[]>;\n\n/**\n * The full RBAC matrix as served by the dev endpoint `GET /_dev/rbac/matrix`.\n * Keys are module IDs; values are module blocks.\n */\nexport type RbacMatrix = Record<string, RbacModuleBlock>;\n","import { AbstractService, EndpointCreator, HttpMethod, Modules } from \"../../../core\";\nimport type { RbacMatrixModel } from \"./RbacMatrixModel\";\nimport type { RbacMatrix } from \"./RbacTypes\";\n\n/**\n * RbacService — fetches RBAC configuration for the admin UI.\n *\n * Declarative-matrix methods (`fetchMatrix`, `saveMatrix`) talk to the\n * dev-only endpoints added in\n * `packages/nestjs-neo4jsonapi/.../rbac-dev.controller.ts`. The controller\n * speaks JSON:API (singleton resource with `type: \"rbac-matrix\"`, `id:\n * \"singleton\"`), so these methods go through the standard `callApi()`\n * pipeline like every other service in the codebase.\n *\n * The backend only registers these routes when `devMode` is enabled on\n * `RbacModule.register` (see `apps/api/src/features/features.modules.ts`).\n * In production the routes return 404; callers should guard with a dev-mode\n * check.\n */\nexport class RbacService extends AbstractService {\n  /**\n   * Fetch the current RBAC matrix plus each module's known BFS relationship\n   * paths (used by the permission picker as scope suggestions).\n   *\n   * Dev-only endpoint — see class header.\n   */\n  static async fetchMatrix(): Promise<{\n    matrix: RbacMatrix;\n    modulePaths: Record<string, readonly string[]>;\n  }> {\n    const endpoint = new EndpointCreator({ endpoint: Modules.RbacMatrix }).generate();\n\n    const model = await this.callApi<RbacMatrixModel>({\n      type: Modules.RbacMatrix,\n      method: HttpMethod.GET,\n      endpoint,\n    });\n\n    return {\n      matrix: model.matrix ?? {},\n      modulePaths: model.modulePaths ?? {},\n    };\n  }\n\n  /**\n   * Persist a matrix back to the declarative `permissions.ts` file.\n   *\n   * The backend serializes the matrix to formatted TypeScript using the\n   * provided `roleNames` / `moduleNames` lookup tables (so the emitted file\n   * references `RoleId.X` / `ModuleId.X` rather than raw UUIDs) and writes\n   * it to `outputPath` (absolute, or relative to the repo root).\n   *\n   * Dev-only endpoint — see class header.\n   */\n  static async saveMatrix(args: {\n    matrix: RbacMatrix;\n    roleNames: Record<string, string>;\n    moduleNames: Record<string, string>;\n    outputPath: string;\n  }): Promise<{ bytesWritten: number; path: string }> {\n    const endpoint = new EndpointCreator({ endpoint: Modules.RbacMatrix }).generate();\n\n    const model = await this.callApi<RbacMatrixModel>({\n      type: Modules.RbacMatrix,\n      method: HttpMethod.PUT,\n      endpoint,\n      input: args,\n    });\n\n    return {\n      bytesWritten: model.bytesWritten ?? 0,\n      path: model.path ?? \"\",\n    };\n  }\n}\n"],"mappings":";;;;;;;;;;;;;AAMA,IAAI,gBAOO;AAMJ,SAAS,iBAAiB,QAOxB;AACP,kBAAgB;AAEhB,MAAI,OAAO,cAAc;AACvB,oBAAgB,OAAO,YAAY;AACnC,WAAO,aAAa;AAAA,EACtB;AACF;AAdgB;AAoBT,SAAS,sBAAsB,QAI7B;AACP,kBAAgB;AAClB;AANgB;AAWT,SAAS,YAAoB;AAClC,MAAI,eAAe,QAAQ;AACzB,WAAO,cAAc;AAAA,EACvB;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,KAAK,qBAAqB;AACtE,WAAO,QAAQ,IAAI;AAAA,EACrB;AACA,SAAO;AACT;AARgB;AAaT,SAAS,YAAoB;AAClC,MAAI,eAAe,QAAQ;AACzB,WAAO,cAAc;AAAA,EACvB;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,KAAK,qBAAqB;AACtE,WAAO,QAAQ,IAAI;AAAA,EACrB;AACA,MAAI,OAAO,WAAW,aAAa;AACjC,WAAO,OAAO,SAAS;AAAA,EACzB;AACA,SAAO;AACT;AAXgB;AAgBT,SAAS,oBAA6C;AAC3D,SAAO,eAAe,kBAAkB,CAAC;AAC3C;AAFgB;AAOT,SAAS,0BAA8C;AAC5D,SAAO,eAAe;AACxB;AAFgB;;;ACzDhB,IAAI,UAA6B;AAG1B,SAAS,cAAc,QAA0B;AACtD,YAAU;AACZ;AAFgB;AAKT,SAAS,gBAA4B;AAC1C,MAAI,CAAC,SAAS,WAAW;AACvB,UAAM,IAAI,MAAM,2DAA2D;AAAA,EAC7E;AACA,SAAO,QAAQ,UAAU;AAC3B;AALgB;AAOT,SAAS,oBAAoB,WAA2E;AAC7G,MAAI,CAAC,SAAS,iBAAiB;AAE7B,WAAO,CAAC,QAAgB;AAAA,EAC1B;AACA,SAAO,QAAQ,gBAAgB,SAAS;AAC1C;AANgB;AAQT,SAAS,cAA6B;AAC3C,MAAI,CAAC,SAAS,MAAM;AAClB,UAAM,IAAI,MAAM,2DAA2D;AAAA,EAC7E;AACA,SAAO,QAAQ;AACjB;AALgB;AAOT,SAAS,gBAAwB;AACtC,MAAI,SAAS,WAAW;AACtB,WAAO,QAAQ,UAAU;AAAA,EAC3B;AAEA,SAAO;AACT;AANgB;AAQT,SAAS,uBAA4B;AAC1C,MAAI,SAAS,kBAAkB;AAC7B,WAAO,QAAQ,iBAAiB;AAAA,EAClC;AAEA,SAAO;AACT;AANgB;;;ACnEhB,IAAI,kBAA2B;AAC/B,IAAI,iBAA0B;AAC9B,IAAI,mBAA4B;AAChC,IAAI,qBAA8B;AAClC,IAAI,oBAAoD;AAYjD,SAAS,eAAe,QAA2B;AACxD,oBAAkB,CAAC,CAAC,OAAO;AAC3B,mBAAiB,CAAC,CAAC,OAAO;AAC1B,qBAAmB,OAAO,mBAAmB;AAC7C,uBAAqB,OAAO,qBAAqB;AACjD,sBAAoB,OAAO,oBAAoB;AACjD;AANgB;AAQT,SAAS,uBAAgC;AAC9C,SAAO;AACT;AAFgB;AAIT,SAAS,sBAA+B;AAC7C,SAAO;AACT;AAFgB;AAIT,SAAS,wBAAiC;AAC/C,SAAO;AACT;AAFgB;AAIT,SAAS,wBAAiC;AAC/C,SAAO;AACT;AAFgB;AAIT,SAAS,sBAAwC;AACtD,SAAO;AACT;AAFgB;;;AC7BhB,IAAI,UAA+B;AAc5B,SAAS,eAAe,QAA4B;AACzD,YAAU;AACZ;AAFgB;AAQT,SAAS,YAA0B;AACxC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,6DAA6D;AAAA,EAC/E;AACA,SAAO;AACT;AALgB;AAUT,SAAS,oBAA6B;AAC3C,SAAO,YAAY;AACrB;AAFgB;;;ACjBhB,IAAI,kBAAkC,CAAC;AAEhC,SAAS,kBAAkB,QAA8B;AAC9D,oBAAkB;AACpB;AAFgB;AAIT,SAAS,oBAAoC;AAClD,SAAO;AACT;AAFgB;;;ACaT,IAAM,0BAAoD;AAAA,EAC/D,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,YAAY;AAAA,EACZ,cAAc;AAAA,EACd,iBAAiB;AAAA,EACjB,cAAc;AAChB;AAGA,IAAI,kBAA4C,EAAE,GAAG,wBAAwB;AAgBtE,SAAS,kBAAkB,QAA8B;AAC9D,oBAAkB,EAAE,GAAG,yBAAyB,GAAG,OAAO;AAC5D;AAFgB;AAQT,SAAS,oBAA8C;AAC5D,SAAO;AACT;AAFgB;AAOT,SAAS,oBAA6B;AAC3C,SAAO,gBAAgB;AACzB;AAFgB;;;ACtFT,IAAM,gCAAgC;AAMtC,IAAM,eAA6B,CAAC,QAAQ,UAAU,UAAU,QAAQ;;;ACaxE,IAAM,cAAN,cAA0B,gBAAgB;AAAA,EAnBjD,OAmBiD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAO/C,aAAa,cAGV;AACD,UAAM,WAAW,IAAI,gBAAgB,EAAE,UAAU,QAAQ,WAAW,CAAC,EAAE,SAAS;AAEhF,UAAM,QAAQ,MAAM,KAAK,QAAyB;AAAA,MAChD,MAAM,QAAQ;AAAA,MACd;AAAA,MACA;AAAA,IACF,CAAC;AAED,WAAO;AAAA,MACL,QAAQ,MAAM,UAAU,CAAC;AAAA,MACzB,aAAa,MAAM,eAAe,CAAC;AAAA,IACrC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,aAAa,WAAW,MAK4B;AAClD,UAAM,WAAW,IAAI,gBAAgB,EAAE,UAAU,QAAQ,WAAW,CAAC,EAAE,SAAS;AAEhF,UAAM,QAAQ,MAAM,KAAK,QAAyB;AAAA,MAChD,MAAM,QAAQ;AAAA,MACd;AAAA,MACA;AAAA,MACA,OAAO;AAAA,IACT,CAAC;AAED,WAAO;AAAA,MACL,cAAc,MAAM,gBAAgB;AAAA,MACpC,MAAM,MAAM,QAAQ;AAAA,IACtB;AAAA,EACF;AACF;","names":[]}

package/dist/{chunk-X4YDETTD.js → chunk-TWDSDTHU.js}

@@ -2,7 +2,7 @@
 
 
 
-var _chunkFDJQRIMYjs = require('./chunk-FDJQRIMY.js');
+var _chunk5IEWLLLDjs = require('./chunk-5IEWLLLD.js');
 
 
 var _chunk4MN547K7js = require('./chunk-4MN547K7.js');
@@ -190,41 +190,50 @@ var COMPANY_ADMINISTRATOR_ROLE_ID = "2e1eee00-6cba-4506-9059-ccd24e4ea5b0";
 var ACTION_TYPES = ["read", "create", "update", "delete"];
 
 // src/features/rbac/data/RbacService.ts
-var RbacService = class extends _chunkFDJQRIMYjs.AbstractService {
+var RbacService = class extends _chunk5IEWLLLDjs.AbstractService {
   static {
     _chunk7QVYU63Ejs.__name.call(void 0, this, "RbacService");
   }
-  static async getFeatures() {
-    const endpoint = new (0, _chunkFDJQRIMYjs.EndpointCreator)({ endpoint: _chunkFDJQRIMYjs.Modules.Feature }).addAdditionalParam("fetchAll", "true");
-    return this.callApi({
-      type: _chunkFDJQRIMYjs.Modules.Feature,
+  /**
+   * Fetch the current RBAC matrix plus each module's known BFS relationship
+   * paths (used by the permission picker as scope suggestions).
+   *
+   * Dev-only endpoint — see class header.
+   */
+  static async fetchMatrix() {
+    const endpoint = new (0, _chunk5IEWLLLDjs.EndpointCreator)({ endpoint: _chunk5IEWLLLDjs.Modules.RbacMatrix }).generate();
+    const model = await this.callApi({
+      type: _chunk5IEWLLLDjs.Modules.RbacMatrix,
       method: "GET" /* GET */,
-      endpoint: endpoint.generate()
+      endpoint
     });
+    return {
+      matrix: _nullishCoalesce(model.matrix, () => ( {})),
+      modulePaths: _nullishCoalesce(model.modulePaths, () => ( {}))
+    };
   }
-  static async getRoles() {
-    const endpoint = new (0, _chunkFDJQRIMYjs.EndpointCreator)({ endpoint: _chunkFDJQRIMYjs.Modules.Role }).addAdditionalParam("fetchAll", "true");
-    return this.callApi({
-      type: _chunkFDJQRIMYjs.Modules.Role,
-      method: "GET" /* GET */,
-      endpoint: endpoint.generate()
-    });
-  }
-  static async getPermissionMappings() {
-    const endpoint = new (0, _chunkFDJQRIMYjs.EndpointCreator)({ endpoint: _chunkFDJQRIMYjs.Modules.PermissionMapping });
-    return this.callApi({
-      type: _chunkFDJQRIMYjs.Modules.PermissionMapping,
-      method: "GET" /* GET */,
-      endpoint: endpoint.generate()
-    });
-  }
-  static async getModuleRelationshipPaths() {
-    const endpoint = new (0, _chunkFDJQRIMYjs.EndpointCreator)({ endpoint: _chunkFDJQRIMYjs.Modules.ModulePaths });
-    return this.callApi({
-      type: _chunkFDJQRIMYjs.Modules.ModulePaths,
-      method: "GET" /* GET */,
-      endpoint: endpoint.generate()
+  /**
+   * Persist a matrix back to the declarative `permissions.ts` file.
+   *
+   * The backend serializes the matrix to formatted TypeScript using the
+   * provided `roleNames` / `moduleNames` lookup tables (so the emitted file
+   * references `RoleId.X` / `ModuleId.X` rather than raw UUIDs) and writes
+   * it to `outputPath` (absolute, or relative to the repo root).
+   *
+   * Dev-only endpoint — see class header.
+   */
+  static async saveMatrix(args) {
+    const endpoint = new (0, _chunk5IEWLLLDjs.EndpointCreator)({ endpoint: _chunk5IEWLLLDjs.Modules.RbacMatrix }).generate();
+    const model = await this.callApi({
+      type: _chunk5IEWLLLDjs.Modules.RbacMatrix,
+      method: "PUT" /* PUT */,
+      endpoint,
+      input: args
     });
+    return {
+      bytesWritten: _nullishCoalesce(model.bytesWritten, () => ( 0)),
+      path: _nullishCoalesce(model.path, () => ( ""))
+    };
   }
 };
 
@@ -259,4 +268,4 @@ var RbacService = class extends _chunkFDJQRIMYjs.AbstractService {
 
 
 exports.configureJsonApi = configureJsonApi; exports.configureClientConfig = configureClientConfig; exports.getApiUrl = getApiUrl; exports.getAppUrl = getAppUrl; exports.getTrackablePages = getTrackablePages; exports.getStripePublishableKey = getStripePublishableKey; exports.configureI18n = configureI18n; exports.useI18nRouter = useI18nRouter; exports.useI18nTranslations = useI18nTranslations; exports.getI18nLink = getI18nLink; exports.useI18nLocale = useI18nLocale; exports.useI18nDateFnsLocale = useI18nDateFnsLocale; exports.configureLogin = configureLogin; exports.isDiscordAuthEnabled = isDiscordAuthEnabled; exports.isGoogleAuthEnabled = isGoogleAuthEnabled; exports.isInternalAuthEnabled = isInternalAuthEnabled; exports.isRegistrationAllowed = isRegistrationAllowed; exports.getRegistrationMode = getRegistrationMode; exports.configureRoles = configureRoles; exports.getRoleId = getRoleId; exports.isRolesConfigured = isRolesConfigured; exports.configureWaitlist = configureWaitlist; exports.getWaitlistConfig = getWaitlistConfig; exports.configureReferral = configureReferral; exports.getReferralConfig = getReferralConfig; exports.isReferralEnabled = isReferralEnabled; exports.COMPANY_ADMINISTRATOR_ROLE_ID = COMPANY_ADMINISTRATOR_ROLE_ID; exports.ACTION_TYPES = ACTION_TYPES; exports.RbacService = RbacService;
-//# sourceMappingURL=chunk-X4YDETTD.js.map
+//# sourceMappingURL=chunk-TWDSDTHU.js.map

package/dist/chunk-TWDSDTHU.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["/home/runner/work/nextjs-jsonapi/nextjs-jsonapi/dist/chunk-TWDSDTHU.js","../src/client/config.ts","../src/i18n/config.ts","../src/login/config.ts","../src/roles/config.ts","../src/features/waitlist/config/waitlist.config.ts","../src/features/referral/config.ts","../src/features/rbac/data/RbacTypes.ts","../src/features/rbac/data/RbacService.ts"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACF,sDAA4B;AAC5B;AACE;AACF,sDAA4B;AAC5B;AACE;AACF,sDAA4B;AAC5B;AACA;ACNA,IAAI,cAAA,EAOO,IAAA;AAMJ,SAAS,gBAAA,CAAiB,MAAA,EAOxB;AACP,EAAA,cAAA,EAAgB,MAAA;AAEhB,EAAA,GAAA,CAAI,MAAA,CAAO,YAAA,EAAc;AACvB,IAAA,8CAAA,MAAgB,CAAO,YAAY,CAAA;AACnC,IAAA,MAAA,CAAO,YAAA,CAAa,CAAA;AAAA,EACtB;AACF;AAdgB,qCAAA,gBAAA,EAAA,kBAAA,CAAA;AAoBT,SAAS,qBAAA,CAAsB,MAAA,EAI7B;AACP,EAAA,cAAA,EAAgB,MAAA;AAClB;AANgB,qCAAA,qBAAA,EAAA,uBAAA,CAAA;AAWT,SAAS,SAAA,CAAA,EAAoB;AAClC,EAAA,GAAA,iBAAI,aAAA,2BAAe,QAAA,EAAQ;AACzB,IAAA,OAAO,aAAA,CAAc,MAAA;AAAA,EACvB;AACA,EAAA,GAAA,CAAI,OAAO,QAAA,IAAY,YAAA,mBAAe,OAAA,qBAAQ,GAAA,6BAAK,qBAAA,EAAqB;AACtE,IAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,mBAAA;AAAA,EACrB;AACA,EAAA,OAAO,EAAA;AACT;AARgB,qCAAA,SAAA,EAAA,WAAA,CAAA;AAaT,SAAS,SAAA,CAAA,EAAoB;AAClC,EAAA,GAAA,iBAAI,aAAA,6BAAe,QAAA,EAAQ;AACzB,IAAA,OAAO,aAAA,CAAc,MAAA;AAAA,EACvB;AACA,EAAA,GAAA,CAAI,OAAO,QAAA,IAAY,YAAA,mBAAe,OAAA,qBAAQ,GAAA,6BAAK,qBAAA,EAAqB;AACtE,IAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,mBAAA;AAAA,EACrB;AACA,EAAA,GAAA,CAAI,OAAO,OAAA,IAAW,WAAA,EAAa;AACjC,IAAA,OAAO,MAAA,CAAO,QAAA,CAAS,MAAA;AAAA,EACzB;AACA,EAAA,OAAO,EAAA;AACT;AAXgB,qCAAA,SAAA,EAAA,WAAA,CAAA;AAgBT,SAAS,iBAAA,CAAA,EAA6C;AAC3D,EAAA,wCAAO,aAAA,6BAAe,gBAAA,UAAkB,CAAC,GAAA;AAC3C;AAFgB,qCAAA,iBAAA,EAAA,mBAAA,CAAA;AAOT,SAAS,uBAAA,CAAA,EAA8C;AAC5D,EAAA,uBAAO,aAAA,6BAAe,sBAAA;AACxB;AAFgB,qCAAA,uBAAA,EAAA,yBAAA,CAAA;AD7BhB;AACA;AE7BA,IAAI,QAAA,EAA6B,IAAA;AAG1B,SAAS,aAAA,CAAc,MAAA,EAA0B;AACtD,EAAA,QAAA,EAAU,MAAA;AACZ;AAFgB,qCAAA,aAAA,EAAA,eAAA,CAAA;AAKT,SAAS,aAAA,CAAA,EAA4B;AAC1C,EAAA,GAAA,CAAI,iBAAC,OAAA,6BAAS,WAAA,EAAW;AACvB,IAAA,MAAM,IAAI,KAAA,CAAM,2DAA2D,CAAA;AAAA,EAC7E;AACA,EAAA,OAAO,OAAA,CAAQ,SAAA,CAAU,CAAA;AAC3B;AALgB,qCAAA,aAAA,EAAA,eAAA,CAAA;AAOT,SAAS,mBAAA,CAAoB,SAAA,EAA2E;AAC7G,EAAA,GAAA,CAAI,iBAAC,OAAA,+BAAS,iBAAA,EAAiB;AAE7B,IAAA,OAAO,CAAC,GAAA,EAAA,GAAgB,GAAA;AAAA,EAC1B;AACA,EAAA,OAAO,OAAA,CAAQ,eAAA,CAAgB,SAAS,CAAA;AAC1C;AANgB,qCAAA,mBAAA,EAAA,qBAAA,CAAA;AAQT,SAAS,WAAA,CAAA,EAA6B;AAC3C,EAAA,GAAA,CAAI,iBAAC,OAAA,+BAAS,MAAA,EAAM;AAClB,IAAA,MAAM,IAAI,KAAA,CAAM,2DAA2D,CAAA;AAAA,EAC7E;AACA,EAAA,OAAO,OAAA,CAAQ,IAAA;AACjB;AALgB,qCAAA,WAAA,EAAA,aAAA,CAAA;AAOT,SAAS,aAAA,CAAA,EAAwB;AACtC,EAAA,GAAA,iBAAI,OAAA,+BAAS,WAAA,EAAW;AACtB,IAAA,OAAO,OAAA,CAAQ,SAAA,CAAU,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,IAAA;AACT;AANgB,qCAAA,aAAA,EAAA,eAAA,CAAA;AAQT,SAAS,oBAAA,CAAA,EAA4B;AAC1C,EAAA,GAAA,iBAAI,OAAA,+BAAS,kBAAA,EAAkB;AAC7B,IAAA,OAAO,OAAA,CAAQ,gBAAA,CAAiB,CAAA;AAAA,EAClC;AAEA,EAAA,OAAO,KAAA,CAAA;AACT;AANgB,qCAAA,oBAAA,EAAA,sBAAA,CAAA;AFgChB;AACA;AGpGA,IAAI,gBAAA,EAA2B,KAAA;AAC/B,IAAI,eAAA,EAA0B,KAAA;AAC9B,IAAI,iBAAA,EAA4B,IAAA;AAChC,IAAI,mBAAA,EAA8B,IAAA;AAClC,IAAI,kBAAA,EAAoD,MAAA;AAYjD,SAAS,cAAA,CAAe,MAAA,EAA2B;AACxD,EAAA,gBAAA,EAAkB,CAAC,CAAC,MAAA,CAAO,eAAA;AAC3B,EAAA,eAAA,EAAiB,CAAC,CAAC,MAAA,CAAO,cAAA;AAC1B,EAAA,iBAAA,mBAAmB,MAAA,CAAO,eAAA,UAAmB,MAAA;AAC7C,EAAA,mBAAA,mBAAqB,MAAA,CAAO,iBAAA,UAAqB,MAAA;AACjD,EAAA,kBAAA,mBAAoB,MAAA,CAAO,gBAAA,UAAoB,QAAA;AACjD;AANgB,qCAAA,cAAA,EAAA,gBAAA,CAAA;AAQT,SAAS,oBAAA,CAAA,EAAgC;AAC9C,EAAA,OAAO,eAAA;AACT;AAFgB,qCAAA,oBAAA,EAAA,sBAAA,CAAA;AAIT,SAAS,mBAAA,CAAA,EAA+B;AAC7C,EAAA,OAAO,cAAA;AACT;AAFgB,qCAAA,mBAAA,EAAA,qBAAA,CAAA;AAIT,SAAS,qBAAA,CAAA,EAAiC;AAC/C,EAAA,OAAO,gBAAA;AACT;AAFgB,qCAAA,qBAAA,EAAA,uBAAA,CAAA;AAIT,SAAS,qBAAA,CAAA,EAAiC;AAC/C,EAAA,OAAO,kBAAA;AACT;AAFgB,qCAAA,qBAAA,EAAA,uBAAA,CAAA;AAIT,SAAS,mBAAA,CAAA,EAAwC;AACtD,EAAA,OAAO,iBAAA;AACT;AAFgB,qCAAA,mBAAA,EAAA,qBAAA,CAAA;AH8FhB;AACA;AI5HA,IAAI,QAAA,EAA+B,IAAA;AAc5B,SAAS,cAAA,CAAe,MAAA,EAA4B;AACzD,EAAA,QAAA,EAAU,MAAA;AACZ;AAFgB,qCAAA,cAAA,EAAA,gBAAA,CAAA;AAQT,SAAS,SAAA,CAAA,EAA0B;AACxC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,6DAA6D,CAAA;AAAA,EAC/E;AACA,EAAA,OAAO,OAAA;AACT;AALgB,qCAAA,SAAA,EAAA,WAAA,CAAA;AAUT,SAAS,iBAAA,CAAA,EAA6B;AAC3C,EAAA,OAAO,QAAA,IAAY,IAAA;AACrB;AAFgB,qCAAA,iBAAA,EAAA,mBAAA,CAAA;AJ6GhB;AACA;AK/HA,IAAI,gBAAA,EAAkC,CAAC,CAAA;AAEhC,SAAS,iBAAA,CAAkB,MAAA,EAA8B;AAC9D,EAAA,gBAAA,EAAkB,MAAA;AACpB;AAFgB,qCAAA,iBAAA,EAAA,mBAAA,CAAA;AAIT,SAAS,iBAAA,CAAA,EAAoC;AAClD,EAAA,OAAO,eAAA;AACT;AAFgB,qCAAA,iBAAA,EAAA,mBAAA,CAAA;ALmIhB;AACA;AMvHO,IAAM,wBAAA,EAAoD;AAAA,EAC/D,OAAA,EAAS,KAAA;AAAA,EACT,UAAA,EAAY,eAAA;AAAA,EACZ,UAAA,EAAY,EAAA;AAAA,EACZ,YAAA,EAAc,KAAA;AAAA,EACd,eAAA,EAAiB,EAAA;AAAA,EACjB,YAAA,EAAc;AAChB,CAAA;AAGA,IAAI,gBAAA,EAA4C,EAAE,GAAG,wBAAwB,CAAA;AAgBtE,SAAS,iBAAA,CAAkB,MAAA,EAA8B;AAC9D,EAAA,gBAAA,EAAkB,EAAE,GAAG,uBAAA,EAAyB,GAAG,OAAO,CAAA;AAC5D;AAFgB,qCAAA,iBAAA,EAAA,mBAAA,CAAA;AAQT,SAAS,iBAAA,CAAA,EAA8C;AAC5D,EAAA,OAAO,eAAA;AACT;AAFgB,qCAAA,iBAAA,EAAA,mBAAA,CAAA;AAOT,SAAS,iBAAA,CAAA,EAA6B;AAC3C,EAAA,OAAO,eAAA,CAAgB,OAAA;AACzB;AAFgB,qCAAA,iBAAA,EAAA,mBAAA,CAAA;ANoGhB;AACA;AO3LO,IAAM,8BAAA,EAAgC,sCAAA;AAMtC,IAAM,aAAA,EAA6B,CAAC,MAAA,EAAQ,QAAA,EAAU,QAAA,EAAU,QAAQ,CAAA;APwL/E;AACA;AQ5KO,IAAM,YAAA,EAAN,MAAA,QAA0B,iCAAgB;AAAA,EAnBjD,OAmBiD;AAAA,IAAA,qCAAA,IAAA,EAAA,aAAA,CAAA;AAAA,EAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAO/C,OAAA,MAAa,WAAA,CAAA,EAGV;AACD,IAAA,MAAM,SAAA,EAAW,IAAI,qCAAA,CAAgB,EAAE,QAAA,EAAU,wBAAA,CAAQ,WAAW,CAAC,CAAA,CAAE,QAAA,CAAS,CAAA;AAEhF,IAAA,MAAM,MAAA,EAAQ,MAAM,IAAA,CAAK,OAAA,CAAyB;AAAA,MAChD,IAAA,EAAM,wBAAA,CAAQ,UAAA;AAAA,MACd,MAAA,EAAA,eAAA;AAAA,MACA;AAAA,IACF,CAAC,CAAA;AAED,IAAA,OAAO;AAAA,MACL,MAAA,mBAAQ,KAAA,CAAM,MAAA,UAAU,CAAC,GAAA;AAAA,MACzB,WAAA,mBAAa,KAAA,CAAM,WAAA,UAAe,CAAC;AAAA,IACrC,CAAA;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,OAAA,MAAa,UAAA,CAAW,IAAA,EAK4B;AAClD,IAAA,MAAM,SAAA,EAAW,IAAI,qCAAA,CAAgB,EAAE,QAAA,EAAU,wBAAA,CAAQ,WAAW,CAAC,CAAA,CAAE,QAAA,CAAS,CAAA;AAEhF,IAAA,MAAM,MAAA,EAAQ,MAAM,IAAA,CAAK,OAAA,CAAyB;AAAA,MAChD,IAAA,EAAM,wBAAA,CAAQ,UAAA;AAAA,MACd,MAAA,EAAA,eAAA;AAAA,MACA,QAAA;AAAA,MACA,KAAA,EAAO;AAAA,IACT,CAAC,CAAA;AAED,IAAA,OAAO;AAAA,MACL,YAAA,mBAAc,KAAA,CAAM,YAAA,UAAgB,GAAA;AAAA,MACpC,IAAA,mBAAM,KAAA,CAAM,IAAA,UAAQ;AAAA,IACtB,CAAA;AAAA,EACF;AACF,CAAA;ARoKA;AACA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,8yCAAC","file":"/home/runner/work/nextjs-jsonapi/nextjs-jsonapi/dist/chunk-TWDSDTHU.js","sourcesContent":[null,"\"use client\";\n\nimport { ModuleWithPermissions } from \"../permissions/types\";\nimport { setBootstrapper } from \"../core/registry/bootstrapStore\";\n\n// Config storage for client-side contexts\nlet _clientConfig: {\n  apiUrl: string;\n  appUrl?: string;\n  trackablePages?: ModuleWithPermissions[];\n  bootstrapper?: () => void;\n  additionalHeaders?: Record<string, string>;\n  stripePublishableKey?: string;\n} | null = null;\n\n/**\n * Configure the JSON:API client. This is the main configuration function.\n * This is typically called during app initialization.\n */\nexport function configureJsonApi(config: {\n  apiUrl: string;\n  appUrl?: string;\n  trackablePages?: ModuleWithPermissions[];\n  bootstrapper?: () => void;\n  additionalHeaders?: Record<string, string>;\n  stripePublishableKey?: string;\n}): void {\n  _clientConfig = config;\n  // Register and call bootstrapper to register all modules\n  if (config.bootstrapper) {\n    setBootstrapper(config.bootstrapper);\n    config.bootstrapper();\n  }\n}\n\n/**\n * Configure the client config. This is typically called during app initialization.\n * @deprecated Use configureJsonApi instead\n */\nexport function configureClientConfig(config: {\n  apiUrl: string;\n  appUrl?: string;\n  trackablePages?: ModuleWithPermissions[];\n}): void {\n  _clientConfig = config;\n}\n\n/**\n * Get the configured API URL.\n */\nexport function getApiUrl(): string {\n  if (_clientConfig?.apiUrl) {\n    return _clientConfig.apiUrl;\n  }\n  if (typeof process !== \"undefined\" && process.env?.NEXT_PUBLIC_API_URL) {\n    return process.env.NEXT_PUBLIC_API_URL;\n  }\n  return \"\";\n}\n\n/**\n * Get the configured app URL.\n */\nexport function getAppUrl(): string {\n  if (_clientConfig?.appUrl) {\n    return _clientConfig.appUrl;\n  }\n  if (typeof process !== \"undefined\" && process.env?.NEXT_PUBLIC_APP_URL) {\n    return process.env.NEXT_PUBLIC_APP_URL;\n  }\n  if (typeof window !== \"undefined\") {\n    return window.location.origin;\n  }\n  return \"\";\n}\n\n/**\n * Get the configured trackable pages.\n */\nexport function getTrackablePages(): ModuleWithPermissions[] {\n  return _clientConfig?.trackablePages ?? [];\n}\n\n/**\n * Get the configured Stripe publishable key.\n */\nexport function getStripePublishableKey(): string | undefined {\n  return _clientConfig?.stripePublishableKey;\n}\n","import { ComponentType } from \"react\";\n\n// Types for injected hooks\nexport interface I18nRouter {\n  push: (href: string) => void;\n  replace: (href: string) => void;\n  back: () => void;\n  forward: () => void;\n  refresh: () => void;\n  prefetch: (href: string) => void;\n}\n\nexport type UseRouterHook = () => I18nRouter;\nexport type UseTranslationsHook = (namespace?: string) => (key: string, values?: Record<string, any>) => string;\nexport type UseLocaleHook = () => string;\n\nexport type UseDateFnsLocaleHook = () => any; // date-fns Locale type\nexport type LinkComponent = ComponentType<{ href: string; children: React.ReactNode; [key: string]: any }>;\n\nexport interface I18nConfig {\n  useRouter: UseRouterHook;\n  useTranslations: UseTranslationsHook;\n  useLocale?: UseLocaleHook;\n  useDateFnsLocale?: UseDateFnsLocaleHook;\n  Link: LinkComponent;\n  usePathname: () => string;\n}\n\n// Private storage\nlet _config: I18nConfig | null = null;\n\n// Configuration function (called by app at startup)\nexport function configureI18n(config: I18nConfig): void {\n  _config = config;\n}\n\n// Hooks for library components to use\nexport function useI18nRouter(): I18nRouter {\n  if (!_config?.useRouter) {\n    throw new Error(\"i18n not configured. Call configureI18n() at app startup.\");\n  }\n  return _config.useRouter();\n}\n\nexport function useI18nTranslations(namespace?: string): (key: string, values?: Record<string, any>) => string {\n  if (!_config?.useTranslations) {\n    // Fallback: return key as-is (safe for server/client)\n    return (key: string) => key;\n  }\n  return _config.useTranslations(namespace);\n}\n\nexport function getI18nLink(): LinkComponent {\n  if (!_config?.Link) {\n    throw new Error(\"i18n not configured. Call configureI18n() at app startup.\");\n  }\n  return _config.Link;\n}\n\nexport function useI18nLocale(): string {\n  if (_config?.useLocale) {\n    return _config.useLocale();\n  }\n  // Fallback to English (safe for server/client)\n  return \"en\";\n}\n\nexport function useI18nDateFnsLocale(): any {\n  if (_config?.useDateFnsLocale) {\n    return _config.useDateFnsLocale();\n  }\n  // Fallback to undefined (Calendar will use default)\n  return undefined;\n}\n","let _useDiscordAuth: boolean = false;\nlet _useGoogleAuth: boolean = false;\nlet _useInternalAuth: boolean = true;\nlet _allowRegistration: boolean = true;\nlet _registrationMode: \"open\" | \"closed\" | \"waitlist\" = \"open\";\n\nexport type RegistrationMode = \"open\" | \"closed\" | \"waitlist\";\n\nexport interface LoginConfig {\n  discordClientId?: string;\n  googleClientId?: string;\n  useInternalAuth?: boolean;\n  allowRegistration?: boolean;\n  registrationMode?: RegistrationMode;\n}\n\nexport function configureLogin(params: LoginConfig): void {\n  _useDiscordAuth = !!params.discordClientId;\n  _useGoogleAuth = !!params.googleClientId;\n  _useInternalAuth = params.useInternalAuth ?? true;\n  _allowRegistration = params.allowRegistration ?? true;\n  _registrationMode = params.registrationMode ?? \"open\";\n}\n\nexport function isDiscordAuthEnabled(): boolean {\n  return _useDiscordAuth;\n}\n\nexport function isGoogleAuthEnabled(): boolean {\n  return _useGoogleAuth;\n}\n\nexport function isInternalAuthEnabled(): boolean {\n  return _useInternalAuth;\n}\n\nexport function isRegistrationAllowed(): boolean {\n  return _allowRegistration;\n}\n\nexport function getRegistrationMode(): RegistrationMode {\n  return _registrationMode;\n}\n","/**\n * Role ID configuration interface\n * Apps provide their role IDs via configureRoles()\n */\nexport interface RoleIdConfig {\n  Administrator: string;\n  CompanyAdministrator: string;\n  [key: string]: string; // Allow additional roles\n}\n\n// Private storage for the injected role IDs\nlet _roleId: RoleIdConfig | null = null;\n\n/**\n * Configure role IDs for the library\n * Call this at app startup to provide role ID constants\n *\n * @example\n * ```typescript\n * import { configureRoles } from \"@carlonicora/nextjs-jsonapi\";\n * import { RoleId } from \"@phlow/shared\";\n *\n * configureRoles(RoleId);\n * ```\n */\nexport function configureRoles(roleId: RoleIdConfig): void {\n  _roleId = roleId;\n}\n\n/**\n * Get configured role IDs\n * @throws Error if roles not configured\n */\nexport function getRoleId(): RoleIdConfig {\n  if (!_roleId) {\n    throw new Error(\"Roles not configured. Call configureRoles() at app startup.\");\n  }\n  return _roleId;\n}\n\n/**\n * Check if roles have been configured\n */\nexport function isRolesConfigured(): boolean {\n  return _roleId !== null;\n}\n","export type QuestionnaireFieldType = \"text\" | \"textarea\" | \"select\" | \"checkbox\";\n\nexport interface QuestionnaireOption {\n  value: string;\n  label: string;\n  description?: string;\n}\n\nexport interface QuestionnaireField {\n  id: string;\n  type: QuestionnaireFieldType;\n  label: string;\n  description?: string;\n  placeholder?: string;\n  required?: boolean;\n  options?: QuestionnaireOption[];\n}\n\nexport interface WaitlistConfig {\n  questionnaire?: QuestionnaireField[];\n  heroTitle?: string;\n  heroSubtitle?: string;\n  heroDescription?: string;\n  benefits?: string[];\n}\n\nlet _waitlistConfig: WaitlistConfig = {};\n\nexport function configureWaitlist(config: WaitlistConfig): void {\n  _waitlistConfig = config;\n}\n\nexport function getWaitlistConfig(): WaitlistConfig {\n  return _waitlistConfig;\n}\n","/**\n * Configuration interface for frontend referral feature.\n */\nexport interface ReferralConfig {\n  /**\n   * Whether the referral feature is enabled.\n   * When false, components render nothing and hooks return null.\n   * @default false\n   */\n  enabled?: boolean;\n\n  /**\n   * Name of the cookie used to store referral codes.\n   * @default \"referral_code\"\n   */\n  cookieName?: string;\n\n  /**\n   * Number of days the referral cookie is valid.\n   * @default 30\n   */\n  cookieDays?: number;\n\n  /**\n   * Query parameter name for referral code in URL.\n   * @default \"ref\"\n   */\n  urlParamName?: string;\n\n  /**\n   * Base URL for referral links.\n   * @default window.location.origin (client-side only)\n   */\n  referralUrlBase?: string;\n\n  /**\n   * Path to append to base URL for referral links.\n   * @default \"/\"\n   */\n  referralPath?: string;\n}\n\n/**\n * Default configuration values\n */\nexport const DEFAULT_REFERRAL_CONFIG: Required<ReferralConfig> = {\n  enabled: false,\n  cookieName: \"referral_code\",\n  cookieDays: 30,\n  urlParamName: \"ref\",\n  referralUrlBase: \"\",\n  referralPath: \"/\",\n};\n\n// Private storage for configuration\nlet _referralConfig: Required<ReferralConfig> = { ...DEFAULT_REFERRAL_CONFIG };\n\n/**\n * Configure referral feature settings.\n * Call this at app startup to enable and configure referral functionality.\n *\n * @example\n * ```typescript\n * import { configureReferral } from \"@carlonicora/nextjs-jsonapi\";\n *\n * configureReferral({\n *   enabled: process.env.NEXT_PUBLIC_REFERRAL_ENABLED === 'true',\n *   cookieDays: 30,\n * });\n * ```\n */\nexport function configureReferral(config: ReferralConfig): void {\n  _referralConfig = { ...DEFAULT_REFERRAL_CONFIG, ...config };\n}\n\n/**\n * Get the current referral configuration.\n * @internal\n */\nexport function getReferralConfig(): Required<ReferralConfig> {\n  return _referralConfig;\n}\n\n/**\n * Check if referral feature is enabled.\n */\nexport function isReferralEnabled(): boolean {\n  return _referralConfig.enabled;\n}\n","export const COMPANY_ADMINISTRATOR_ROLE_ID = \"2e1eee00-6cba-4506-9059-ccd24e4ea5b0\";\n\nexport type PermissionValue = boolean | string;\n\nexport type ActionType = \"read\" | \"create\" | \"update\" | \"delete\";\n\nexport const ACTION_TYPES: ActionType[] = [\"read\", \"create\", \"update\", \"delete\"];\n\n/** The permissions object shape used by both Module and PermissionMapping entities */\nexport type PermissionsMap = {\n  create?: PermissionValue;\n  read?: PermissionValue;\n  update?: PermissionValue;\n  delete?: PermissionValue;\n};\n\n/**\n * Declarative-RBAC matrix types.\n *\n * Mirror of the library types defined in\n * `packages/nestjs-neo4jsonapi/src/foundations/rbac/dsl/types.ts`.\n * Frontend does not import from backend, so the shape is redefined here.\n *\n * A `PermToken` represents a single permission entry:\n *  - `scope: true`  → unconditional (e.g. full read of the module)\n *  - `scope: false` → nothing (rarely used, mostly a placeholder)\n *  - `scope: \"path\"` → scoped by relationship path (e.g. \"orders.account\")\n */\nexport type PermToken = { action: string; scope: boolean | string };\n\n/**\n * A per-module block of the matrix. Always has a `default` row (permissions\n * granted to every role). Additional keys are role IDs → role-specific\n * permission tokens that are unioned with `default` to produce the effective\n * permissions for that role in that module.\n */\nexport type RbacModuleBlock = { default: PermToken[] } & Record<string, PermToken[]>;\n\n/**\n * The full RBAC matrix as served by the dev endpoint `GET /_dev/rbac/matrix`.\n * Keys are module IDs; values are module blocks.\n */\nexport type RbacMatrix = Record<string, RbacModuleBlock>;\n","import { AbstractService, EndpointCreator, HttpMethod, Modules } from \"../../../core\";\nimport type { RbacMatrixModel } from \"./RbacMatrixModel\";\nimport type { RbacMatrix } from \"./RbacTypes\";\n\n/**\n * RbacService — fetches RBAC configuration for the admin UI.\n *\n * Declarative-matrix methods (`fetchMatrix`, `saveMatrix`) talk to the\n * dev-only endpoints added in\n * `packages/nestjs-neo4jsonapi/.../rbac-dev.controller.ts`. The controller\n * speaks JSON:API (singleton resource with `type: \"rbac-matrix\"`, `id:\n * \"singleton\"`), so these methods go through the standard `callApi()`\n * pipeline like every other service in the codebase.\n *\n * The backend only registers these routes when `devMode` is enabled on\n * `RbacModule.register` (see `apps/api/src/features/features.modules.ts`).\n * In production the routes return 404; callers should guard with a dev-mode\n * check.\n */\nexport class RbacService extends AbstractService {\n  /**\n   * Fetch the current RBAC matrix plus each module's known BFS relationship\n   * paths (used by the permission picker as scope suggestions).\n   *\n   * Dev-only endpoint — see class header.\n   */\n  static async fetchMatrix(): Promise<{\n    matrix: RbacMatrix;\n    modulePaths: Record<string, readonly string[]>;\n  }> {\n    const endpoint = new EndpointCreator({ endpoint: Modules.RbacMatrix }).generate();\n\n    const model = await this.callApi<RbacMatrixModel>({\n      type: Modules.RbacMatrix,\n      method: HttpMethod.GET,\n      endpoint,\n    });\n\n    return {\n      matrix: model.matrix ?? {},\n      modulePaths: model.modulePaths ?? {},\n    };\n  }\n\n  /**\n   * Persist a matrix back to the declarative `permissions.ts` file.\n   *\n   * The backend serializes the matrix to formatted TypeScript using the\n   * provided `roleNames` / `moduleNames` lookup tables (so the emitted file\n   * references `RoleId.X` / `ModuleId.X` rather than raw UUIDs) and writes\n   * it to `outputPath` (absolute, or relative to the repo root).\n   *\n   * Dev-only endpoint — see class header.\n   */\n  static async saveMatrix(args: {\n    matrix: RbacMatrix;\n    roleNames: Record<string, string>;\n    moduleNames: Record<string, string>;\n    outputPath: string;\n  }): Promise<{ bytesWritten: number; path: string }> {\n    const endpoint = new EndpointCreator({ endpoint: Modules.RbacMatrix }).generate();\n\n    const model = await this.callApi<RbacMatrixModel>({\n      type: Modules.RbacMatrix,\n      method: HttpMethod.PUT,\n      endpoint,\n      input: args,\n    });\n\n    return {\n      bytesWritten: model.bytesWritten ?? 0,\n      path: model.path ?? \"\",\n    };\n  }\n}\n"]}